
3.2 Background Reasoning

3.3.2 Solution Extraction in Cooper’s Algorithm

3.3.2.1 Constructing Solutions

Solutions are constructed by building the elimination formula for just a single disjunct at a time, rather than the formula as a whole. For example, given ∃x∃y. F[x,y], y is eliminated producing ∃x. G1 ∨ G2 ∨ G3 say, then x is eliminated from each of ∃x. Gi individually. Effectively, this is a depth-first search of all possible disjuncts, where each disjunct (state) has a chain of selected solutions for the variables previously eliminated. Clearly, once all variables are eliminated, the final disjunct is either valid or invalid and, if valid, all of the solutions associated with the state have ground constraints that can be evaluated.

The following algorithm implements such a search, returning either a solution or ⊥ where the input is not valid.

Let F be a Σ_Z-formula, xs a list of variables to be eliminated and σ an existing solution which may be empty. It is assumed that all free variables in F appear in xs. The cooper sub-procedure expands a formula to the equivalent elimination formula for the given variable. The complete sub-procedure fills in the parametric values in a partial symbolic solution, justified by Lemma 3.3.6.

Solutions are constructed by collecting sets of constraints on solutions and evaluating them as more quantifiers are eliminated. These constraints are called symbolic solutions to emphasize that they are possibly non-ground representations of solutions. There are two types of symbolic solutions possible for a variable: assignment solutions and bound solutions, written assign and bound in the code of Figure 3.4.

A symbolic solution is closed if it has no variables in t, for assign(t), and no variables in any term in UB for bound. Closed symbolic solutions can always be replaced by a solution (an assignment to a concrete integer).

Example 3.3.2. Using F_−∞ and F_B, as in Example 3.3.1. Every disjunct of F_−∞ is invalid except where j = 3. So the symbolic solution for x is bound(3, 3, {y}). Next eliminate y from G = 0 ≉ y − 5.

unity(G) = G, l_y = 1

G_B = 0 ≉ (5+1) − 5, where B_y = {5}, b = 5 and j = 1

G_−∞ = ⊤

 1  algorithm getSymbolicSolution(F, xs, σ):
 2    if xs.isEmpty:
 3      if F = ⊤ return σ
 4      else return ⊥
 5
 6    foreach disjunct D in cooper(F, xs):
 7      if D = F_B[b + j]:
 8        let solution := σ · [x -> assign(b+j/l)]
 9      else if D = F_−∞[j]:
10        let solution := σ · [x -> bound(j, D, UB(unit(F)))]
11
12      if D = ⊤:
13        return complete(solution, xs)
14      else if D != ⊥:
15        let s := getSymbolicSolution(D, y, solution)
16        if s != ⊥:
17          return complete(s, xs)
18
19    // nothing is valid
20    return ⊥

Figure 3.4: Creates the symbolic solution resulting from eliminating all of xs from F.

There is one valid disjunct in G_B, and this gives the symbolic solution for y: assign((5+1)/1). After applying the solution for y, the symbolic solution bound(3, 3, {6}) for x is closed and can be evaluated to x = 3. Since l_x was 3, the final solution is x = 1. So the solution for F is {x → 1, y → 6} and, as a final check, 0 < −3·1 + 6 ∧ 0 ≉ 6 − 5 is valid.
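The search of Figure 3.4 and Example 3.3.2, carried out in code. This is an added example written for this page, not the thesis's implementation: it handles only conjunctions of atoms of the forms 0 < t, 0 ≉ t and d | t (no ≈ atoms), tries the F_B disjuncts before the F_−∞ ones as line 7 of the figure does, and records the chain of symbolic solutions as (variable, l_x, assign(t) or bound(j, δ, UB)) triples. The term encoding, the names solve and holds, the treatment of a ≉ term as something x' is also kept strictly below, the choice of the largest value under all bounds when a bound solution is closed, and the value 0 for variables left open by complete (Lemma 3.3.6) are all assumptions of this example, not details taken from the page.

```python
from math import lcm

# Constructed representation (not the thesis's code). A term is a dict {var: coef}
# with the constant under key CONST. A formula is a conjunction of atoms ('lt', t)
# = 0 < t, ('ne', t) = 0 != t, ('div', d, t) = d | t, kept as a list: [] is ⊤, None is ⊥.
CONST = "1"

def scale(t, k):  # k * t, dropping zero coefficients
    return {v: c * k for v, c in t.items() if c * k}

def add(t, u):  # t + u, dropping zero coefficients
    return {v: c for v in t.keys() | u.keys() if (c := t.get(v, 0) + u.get(v, 0))}

def subst(t, x, s):  # t[x := s] for a term s
    return add({v: c for v, c in t.items() if v != x}, scale(s, t.get(x, 0)))

def val(t, env):  # integer value of a term whose variables env all assigns
    return t.get(CONST, 0) + sum(c * env[v] for v, c in t.items() if v != CONST)

def simplify(F):  # evaluate ground atoms; one false atom makes the conjunction ⊥ (None)
    out = []
    for a in F or []:
        v = a[-1].get(CONST, 0)
        if set(a[-1]) - {CONST}:
            out.append(a)
        elif not (0 < v if a[0] == "lt" else v != 0 if a[0] == "ne" else v % a[1] == 0):
            return None
    return None if F is None else out

def unity(F, x):  # make every coefficient of x equal ±1 (read x as x' = l*x) and add l | x'
    l = lcm(*(a[-1].get(x, 1) for a in F))
    out = []
    for a in F:
        t = a[-1]
        if x in t:
            k = l // abs(t[x])
            t = {**scale(t, k), x: 1 if t[x] > 0 else -1}
            a = ("div", a[1] * k, t) if a[0] == "div" else (a[0], t)
        out.append(a)
    return out + [("div", l, {x: 1})], l

def cooper(F, x):  # disjuncts (D, symbolic) of the elimination formula for x: F_B first, then F_-inf
    delta = lcm(*(a[1] for a in F if a[0] == "div" and x in a[-1]))
    B, UB = [], []
    for a in F:
        t = a[-1]
        if a[0] == "div" or x not in t:
            continue
        b = scale({v: c for v, c in t.items() if v != x}, -t[x])  # 0 < x'-b is b < x'; 0 < b-x' is x' < b
        (B if a[0] == "ne" or t[x] == 1 else UB).append(b)
        if a[0] == "ne":  # assumption: for x' != b the search also keeps x' strictly below b
            UB.append(b)
    for b in B:
        for j in range(1, delta + 1):
            s = add(b, {CONST: j})
            yield simplify([a[:-1] + (subst(a[-1], x, s),) for a in F]), ("assign", s)
    if any(a[0] == "lt" and a[-1].get(x) == 1 for a in F):  # a lower bound on x' makes F_-inf ⊥
        return
    for j in range(1, delta + 1):  # upper-bound and != atoms on x' hold at -inf and are dropped
        D = [a[:-1] + (subst(a[-1], x, {CONST: j}),) for a in F if x not in a[-1] or a[0] == "div"]
        yield simplify(D), ("bound", j, delta, UB)

def complete(sigma, xs):  # Lemma 3.3.6: open variables may take any value; this uses 0
    solved = {x for x, _, _ in sigma}
    return sigma + tuple((x, 1, ("assign", {})) for x in xs if x not in solved)

def get_symbolic_solution(F, xs, sigma=()):  # the depth-first search of Figure 3.4
    if not xs:
        return sigma if F == [] else None
    G, l = unity(F, xs[0])
    for D, sym in cooper(G, xs[0]):
        if D is None:
            continue
        solution = sigma + ((xs[0], l, sym),)
        if D == []:
            return complete(solution, xs)
        s = get_symbolic_solution(D, xs[1:], solution)
        if s is not None:
            return complete(s, xs)
    return None  # nothing is valid

def solve(F, xs):  # model {var: int} of the conjunction F over xs, or None if F is invalid
    sigma = get_symbolic_solution(F, list(xs))
    if sigma is None:
        return None
    env = {}  # close the chain from the last-eliminated variable backwards
    for x, l, sym in reversed(sigma):
        if sym[0] == "assign":
            xp = val(sym[1], env)
        else:  # bound(j, delta, UB): largest v below every bound with v ≡ j (mod delta); v = j if no bound
            top = min((val(u, env) for u in sym[3]), default=sym[1] + 1)
            xp = top - 1 - ((top - 1 - sym[1]) % sym[2])
        env[x] = xp // l  # x = x'/l_x; l | x' holds in every valid disjunct
    return env

def holds(F, env):  # the "final check": F instantiated with env simplifies to ⊤
    return simplify([a[:-1] + ({CONST: val(a[-1], env)},) for a in F]) == []

# Constructed input: Example 3.3.2's F = 0 < -3x + y  ∧  0 != y - 5
EXAMPLE_F = [("lt", {"x": -3, "y": 1}), ("ne", {"y": 1, CONST: -5})]
```

Running solve(EXAMPLE_F, ["x", "y"]) reproduces the example: eliminating x gives l_x = 3, only the j = 3 disjunct of F_−∞ survives with bound(3, 3, {y}), eliminating y from 0 ≉ y − 5 gives assign(5 + 1), and closing the chain yields {x → 1, y → 6}. A formula with a lower and an upper bound that exclude every integer returns None, and a variable that the search never needs (the disjunct becomes ⊤ before it is eliminated) is filled in by complete.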

Lemma 3.3.5. F has a closed symbolic solution iff it is valid.

Proof. By Lemmas 3.3.4 and 3.3.3, solutions to closed symbolic solutions are solutions to F. Conversely, a valid F has at least one valid disjunct in its elimination formula. The algorithm getSymbolicSolution must eventually find it, as the final elimination formula for F has a finite number of disjuncts.

The algorithm in Figure 3.3.2.1 can terminate before eliminating all variables in xs and return a symbolic solution. This can happen when a disjunct contains a subset of xs. The result is not a closed solution for F, as the remaining variables are not assigned values. The following lemma shows that free variables in a symbolic solution returned by getSymbolicSolution can be filled in arbitrarily and still yield a solution for F. In the code this is done by the call to sub-procedure complete on lines 13 and 16.

Lemma 3.3.6. A symbolic solution for F can always be evaluated to a solution α for F.

Proof. There are two cases: either all symbolic solutions are closed or some are open. When all solutions are closed, the solution can be evaluated (i.e., solutions to bound constraints can be found using Lemma 3.3.4). When a solution is open, then that solution depends on variables that were not eliminated. This happens when elimination produces, e.g., F ⇔ ∃y. F′[y] ∨ ⊤. It must be shown that using an arbitrary solution for variables in open solutions does not affect the validity of F. Assume variables γ = {x1, . . . , xk} are not eliminated from vars(F) = {y1, . . . , yl, x1, . . . , xk} and that there is a symbolic solution for each variable yi. The Cooper expansion of ∃y1, . . . , yl, x1, . . . , xk. F is ∃x1, . . . , xk. ⊤, since a solution exists. Let [x1 → c1, . . . , xk → ck] be a hypothetical solution for arbitrary integers ci. A representation of this solution can be added to the original F like so:

∃y1, . . . , yl, x1, . . . , xk. (F ∧ x1 ≈ c1 ∧ . . . ∧ xk ≈ ck)

Since no variable in γ is eliminated in the Cooper expansion of this formula, the result of the elimination procedure is ∃x1, . . . , xk. (⊤ ∧ x1 ≈ c1 ∧ . . . ∧ xk ≈ ck), which remains valid. Therefore, extending a symbolic solution for a valid formula with arbitrary values for open solutions produces a valid closed solution.

For example, x + y ≈ 0 has B_x = {−(y+1)} and symbolic solution σ = [x → −y, y → y]. The corresponding disjunct is ∃y. 0 ≈ 0 (substitution with b = −(y+1), j = 1). Adding a guessed solution y = c, ∃x, y. (x + y ≈ 0 ∧ y ≈ c), results in the same B_x and the same σ. However, the final formula is ∃y. (0 ≈ 0 ∧ y ≈ c).